- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- How can I make Antivirus exceptions?
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How can I make Antivirus exceptions?
I am planning to enforce Antivirus filtering to Internet bound traffic on Fortigate running 7.2.4. I wonder how I can make exceptions for any potential false positives without turning off the filtering altogether?
Labels:
- Labels:
-
FortiGate
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Team,
Thank you for posting your query.
On Foritgate 7.2.4 fortiOS new feature is added to the exempt list for file-based scanning based on the hash value.
Regards
Priyanka
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
To set up exceptions for potential false positives in antivirus filtering on your Fortigate 7.2.4, there are several options:
URL Filter: You can exclude certain URLs or domains from antivirus filtering by adding them to the list of allowed URLs or domains. To do this, go to Security Profiles > Web Filter > URL Filter and add the URLs or domains to the list of allowed URLs.
File types: You can exclude certain file types from antivirus filtering by adding them to the list of allowed file types. To do this, go to Security Profiles > AntiVirus > Profiles and select the profile type you want to edit. Click "Edit" and select the "File Types" tab. Add the file types to the list of allowed file types.
IP addresses: You can exclude certain IP addresses from antivirus filtering by adding them to the list of allowed IP addresses. To do this, go to Security Profiles > AntiVirus > Profiles and select the profile type you want to edit. Click "Edit" and select the "IP Address" tab. Add the IP addresses to the list of allowed IP addresses.
However, it is important to make sure that you do not exclude any potentially dangerous websites, files or IP addresses from antivirus filtering. Make sure that you only set up exceptions for trusted sources and keep the exceptions to a minimum to ensure the security of your network.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@Christian_89 @pgautam Thank you very much for the responses. I am looking to exempt a signature or an IP for a specific signature. I used to do those types of exceptions with PaloAlto and wondering if Fortinet allows me to do that?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, Fortinet allows you to create exceptions for specific signatures or IPs using its security policies. The following are the steps to create an exception in Fortinet. 1:
1. log in to your Fortinet device and navigate to the Security Profiles menu.
2. select the profile that contains the signature you want to exclude, such as the Antivirus profile.
Click the Exclusions tab, and then click Add Exception. 4.
Select the signature to exclude from the drop-down list, or enter the IP address or range to exclude. 5.
Select the action you want to apply to the exception, such as "Allow" or "Disable". 6.
Give the exception a name and description, and then click OK to save the exception.
After you create the exception, you can apply it to a specific security policy or globally to all policies that use the selected profile. To apply it to a specific policy, go to Policy Configuration, select the profile you modified, and then select the exception you created.
Remember that creating too many exceptions can reduce the effectiveness of your security measures. Therefore, it is important to carefully consider which signatures or IPs to exclude, and to regularly review and update the exceptions as needed.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Unable to find exceptions tab in AV profile. am I looking in the right window?
Related Posts
- MacOS - FortiClient Installer .SH Installs... 542 Views
- mac addressed-based policy is works on... 1559 Views
- Doubts about IPS sensor into some... 596 Views
- Negate option or something else? 2103 Views
Labels
-
FortiGate
6,494 -
FortiClient
1,297 -
5.2
801 -
5.4
639 -
FortiManager
563 -
6.0
416 -
FortiAnalyzer
413 -
5.6
362 -
FortiSwitch
331 -
FortiAP
331 -
FortiClient EMS
260 -
6.2
251 -
FortiMail
239 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
149 -
6.4
128 -
FortiNAC
104 -
FortiGuard
102 -
FortiGateCloud
87 -
FortiSIEM
86 -
FortiCloud Products
82 -
IPsec
70 -
FortiToken
69 -
Customer Service
69 -
4.0MR3
64 -
SSL-VPN
58 -
Wireless Controller
58 -
FortiProxy
44 -
FortiADC
42 -
Fortivoice
41 -
FortiEDR
39 -
FortiGate v5.4
34 -
FortiDNS
34 -
FortiExtender
31 -
FortiSandbox
31 -
FortiSwitch v6.4
28 -
FortiConnect
23 -
SD-WAN
23 -
FortiWAN
22 -
Firewall policy
22 -
FortiConverter
21 -
High Availability
20 -
VLAN
19 -
FortiPortal
18 -
ZTNA
16 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
FortiMonitor
14 -
Certificate
14 -
DNS
13 -
FortiDDoS
13 -
SAML
12 -
BGP
12 -
Routing
12 -
FortiCASB
12 -
Interface
11 -
Logging
11 -
FortiGate v5.0
10 -
FortiRecorder
10 -
VDOM
10 -
FortiWeb v5.0
9 -
LDAP
9 -
FortiManager v5.0
9 -
4.0MR2
9 -
RADIUS
8 -
Traffic shaping
8 -
Virtual IP
8 -
FortiAuthenticator
8 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
fortilink
7 -
FortiAnalyzer v5.0
7 -
NAT
7 -
FortiGate v4.0 MR3
7 -
Admin
7 -
4.0
7 -
SSID
6 -
SSL SSH inspection
6 -
Authentication
6 -
Fortigate Cloud
6 -
IP address management - IPAM
6 -
Security profile
5 -
Traffic shaping policy
5 -
FortiBridge
5 -
SNMP
5 -
SSO
5 -
Application control
5 -
FortiManager v4.0
5 -
Static route
5 -
FortiDirector
4 -
WAN optimization
4 -
Web application firewall profile
4 -
DNS Filter
4 -
FortiTester
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
FortiScan
4 -
Proxy policy
4 -
IPS signature
3 -
packet capture
3 -
FortiToken Cloud
3 -
Intrusion prevention
3 -
Automation
3 -
DoS policy
3 -
Port policy
3 -
FortiDB
3 -
FortiDeceptor
2 -
FortiInsight
2 -
VoIP profile
2 -
Antivirus profile
2 -
Web profile
2 -
Traffic shaping profile
2 -
FortiAP profile
2 -
FortiAI
2 -
FortiHypervisor
2 -
Netflow
2 -
Fortinet Engage Partner Program
2 -
trunk
2 -
SDN connector
1 -
4.0MR1
1 -
NAC policy
1 -
Users
1 -
Subscription Renewal Policy
1 -
FortiCWP
1 -
FortiNDR
1 -
Web rating
1 -
FortiPAM
1 -
Application signature
1 -
Multicast routing
1 -
Authentication rule and scheme
1 -
Zone
1 -
FortiManager-VM
1 -
Internet Service Database
1 -
System settings
1 -
Explicit proxy
1 -
TACACS
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.